Privacy Policy
Last updated: 2024-12-27
Introduction
At LOWIS, we place the utmost importance on protecting your personal data. This privacy policy informs you about how we collect, use, and protect your information when you use our application and services.
Data Controller
The data controller is Organicare SARLAU, a Moroccan company.
Address: Casablanca, Morocco
Contact email: privacy@lowis.app
Data We Collect
To provide you with a personalized nutritional service, we collect the following categories of data:
person Identification Data
- check First and last name
- check Email address
- check Phone number
- check Date of birth
- check Gender
- check Country and timezone
favorite Health Data (sensitive)
- check Weight and height
- check Body measurements (waist, hips, arms)
- check Menstrual cycle (optional)
- check Medical conditions and allergies
- check Sleep quality
- check Stress level and mood
- check Body progress photos (optional)
restaurant Nutritional Data
- check Photographed and logged meals
- check Dietary preferences and restrictions
- check Water consumption
- check Nutritional analysis (macros and micronutrients)
fitness_center Activity Data
- check Exercises performed
- check Duration and intensity of activities
- check Estimated calories burned
devices Technical Data
- check Session and device identifiers
- check Push notification tokens
- check Application usage logs
payment Payment Data
- check Payment references (tokenized, never complete numbers)
- check Transaction history
- check Invoices
smart_toy AI Interaction Data
- check Conversations with LOWIS assistant
- check Generated insights and recommendations
Processing Purposes
We use your data to:
- arrow_right Personalize your nutritional plan and recommendations
- arrow_right Analyze your meals and calculate nutritional intake
- arrow_right Track your health indicators and adapt your program
- arrow_right Send you personalized notifications and reminders
- arrow_right Process your payments and manage your subscription
- arrow_right Improve our services and develop new features
- arrow_right Ensure the security of your account and prevent fraud
Legal Basis for Processing
We process your data on the following legal bases:
Explicit consent
For sensitive health data, you give your consent during registration
Contract performance
To provide the services you have subscribed to
Legitimate interest
To improve our services and ensure security
Legal obligation
For the retention of billing data
Data Recipients
Your data may be shared with the following providers, strictly within the scope of providing our services:
| Service | Purpose |
|---|---|
| Supabase | Secure hosting and database |
| Google Gemini | AI analysis of photographed foods |
| Firebase | Push notifications |
| Stripe / Lemon Squeezy | Secure payment processing |
| USDA / Spoonacular / FatSecret | Reference nutritional data |
We never sell your personal data to third parties.
International Transfers
Your data is primarily hosted in the European Union. In case of transfer to third countries, we ensure that appropriate safeguards are in place (standard contractual clauses, certifications).
Data Retention
We retain your data for the following periods:
| Type | Duration |
|---|---|
| Account data | Duration of your subscription + 3 years |
| Health data | Duration of your subscription, deleted upon request |
| Billing data | 10 years (legal obligation) |
| Technical logs | 12 months |
Your Rights
In accordance with GDPR and Moroccan Law 09-08, you have the following rights:
Right of access
Obtain a copy of your personal data
Right of rectification
Correct your inaccurate or incomplete data
Right to erasure
Request deletion of your data
Right to portability
Receive your data in a structured format
Right to object
Object to certain processing
Right to restriction
Restrict the processing of your data
Withdrawal of consent
Withdraw your consent at any time
To exercise these rights, contact us at the address below.
Cookies and Similar Technologies
We use essential cookies for the application to function and analytical cookies to improve our services. You can manage your cookie preferences in the application settings.
Data Security
We implement appropriate technical and organizational measures to protect your data: encryption of data in transit and at rest, secure authentication, restricted data access, regular security audits.
Minors
LOWIS is intended for persons aged 16 and over. If you are under 16, you must obtain consent from your parents or legal guardians before using our services.
Changes
We may update this privacy policy. In case of substantial changes, we will inform you by email or through the application. The date of the last update is indicated at the top of this page.
Contact
For any questions about this policy or your personal data, contact our Data Protection Officer:
Email: privacy@lowis.app